Step 8: Configuring Just In Time Provisioning Attribute Mapping using Postman
Set the Environment Parameters in Postman
- Open Postman, select Environments, and click Import.
- On the Import screen, import the file OCI IAM Identity Domain.postman_environment.json. For the JSON file downloads, refer to the following Customer Support Portal article: https://iccp.custhelp.com/app/answers/answer_view/a_id/1016088.
- In the imported environment, update the environment variables by entering the following values, and then click Save.
  - HOST: The Oracle IAM Domain URL.
  - CLIENT_ID and CLIENT_SECRET: The Client ID and the Client Secret from the confidential application.
Import the OCIM Federation Postman Collection
- On the Postman main page, select Collection and click Import.
- In the Import dialog box, import the file OCIM Federation.postman_collection.json. For the JSON file downloads, refer to the following Customer Support Portal article: https://iccp.custhelp.com/app/answers/answer_view/a_id/1016088.
Request an Access Token
- On the Collections tab, expand OCIM Federation and select Obtain access_token (client credentials). Click Send.
  The access token is returned in the response from Oracle Identity Domain.
- Highlight the access token content between the quotation marks and then right-click.
- In the shortcut menu, select Set: OCI IAM Identity Domain. In the secondary menu, select access_token. The highlighted content is assigned as the access token value.
Get the Identity Provider Name
- Select Get the Identity Provider Name and click Send.
- Note the partnerName in the response for the type: SAML. The partnerName should be the Identity Provider configured in Identity Domain.
Get the Identity Provider Id by passing the Identity Provider Name
- Select Get the Identity Provider Id by passing the Identity Provider Name.
- Replace partnerName in the URI with the partnerName from the 'Get the Identity Provider Name' section (see previous steps).
- Click Send.
- Note the jitUserProvAttributes.value.
Update the JIT Attribute Mapping
- Select Update the JIT Attribute Mapping.
- Replace the <jitUserProvAttributes.value> in the URL with the value from the ‘Get the Identity Provider Id by passing the Identity Provider Name’ section (see previous steps).
- Click Send.
  Note: Status: 200 OK should be received in the response.
Confirm the JIT Mappings are Created
- Go to the OCI Identity Domain console, navigate to Identity Provider, and select the provider.
- Click Configure JIT and confirm the JIT mappings have been created.
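
The token request and identity provider lookup from the steps above can also be scripted. The following is an added example, not part of the Postman collection or Oracle's own code: the endpoint paths, the scope value, the attributes query parameter, and the SCIM-style Resources response shape are assumptions based on the identity domains REST API, and the sample response is constructed.

```python
import base64
import json
import urllib.parse
import urllib.request

# Assumed paths; the page names only the Postman requests, not their URLs.
TOKEN_PATH = "/oauth2/v1/token"
IDP_PATH = "/admin/v1/IdentityProviders"

def token_request(host, client_id, client_secret):
    """Build the client-credentials request behind 'Obtain access_token'."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    form = {"grant_type": "client_credentials", "scope": "urn:opc:idm:__myscopes__"}
    return urllib.request.Request(
        host.rstrip("/") + TOKEN_PATH,
        data=urllib.parse.urlencode(form).encode(),
        headers={"Authorization": "Basic " + basic,
                 "Content-Type": "application/x-www-form-urlencoded"},
        method="POST",
    )

def idp_list_request(host, access_token):
    """Build the GET that lists providers with their JIT mapping reference."""
    query = urllib.parse.urlencode(
        {"attributes": "partnerName,type,jitUserProvAttributes"})
    return urllib.request.Request(
        f"{host.rstrip('/')}{IDP_PATH}?{query}",
        headers={"Authorization": "Bearer " + access_token},
    )

def jit_mapping_id(idp_response, partner_name):
    """Return jitUserProvAttributes.value for exactly one matching SAML provider."""
    matches = [r for r in idp_response.get("Resources", [])
               if r.get("type") == "SAML" and r.get("partnerName") == partner_name]
    if len(matches) != 1:
        raise LookupError(f"expected one SAML provider named {partner_name!r}, "
                          f"found {len(matches)}")
    ref = matches[0].get("jitUserProvAttributes") or {}
    if not ref.get("value"):
        raise LookupError(f"{partner_name!r} has no jitUserProvAttributes.value")
    return ref["value"]

# Constructed sample response (not real tenant data).
SAMPLE = json.loads("""{"Resources": [
  {"partnerName": "ExampleIdP", "type": "SAML",
   "jitUserProvAttributes": {"value": "constructed-mapping-id"}},
  {"partnerName": "LocalIDP", "type": "LOCAL"}]}""")

if __name__ == "__main__":
    print(jit_mapping_id(SAMPLE, "ExampleIdP"))
```

Pass HOST, CLIENT_ID and CLIENT_SECRET in from environment variables or a secrets store rather than hard-coding them, and send the built requests with urllib.request.urlopen.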